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REMARKS/ARGUMENTS 

Prior to the entry of this Amendment, claims 1, 7-14, 16, 20-25, 27, 31-36, 38, 39, 
41-44, 46-49, and 51-53 were pending in this application. Claims 1,16, and 27 have been 
amended, no claims have been canceled, and no claims have been added herein. Therefore, 
claims 1, 7-14, 16, 20-25, 27, 31-36, 38, 39, 41-44, 46-49, and 51-53 are now pending in this 
application. Applicants request reconsideration of these claims for at least the reasons presented 
below. 

35 U.S.C. $ 112 Rejection, Indefinite 

The Office Action has rejected claims 1, 7-14, 16, 20-25, 27, and 31-36 under 35 
U.S.C. § 1 12, second paragraph, as allegedly being indefinite for failing to particularly point out 
and distinctly claim the subject matter which applicant regards as the invention. More 
specifically, the Office Action rejects claims 1,16 and 27 alleging that there is insufficient 
antecedent basis in the claims for the phrase "the first." As an initial matter, the Applicants 
thank the Examiner for carefully reading the claims and for pointing out this informality. 
Accordingly, amendments have been made herein that are thought to overcome the reasons for 
the rejection. Specifically, the terms upon which the reason for the rejection have been based 
have been amended herein to recite "the identity profile for the first user" which is believed to 
have sufficient antecedent basis. Further, the Applicants respectfully submit that these 
amendments add no new matter and are made only to correct a formal matter and to place the 
claims in better form for allowance or appeal. Therefore, the Applicants respectfully request 
entry of the amendments and reconsideration and withdrawal of the rejections. 



OID-2005-162-14 



Page 16 of 23 



Appl. No. 09/998,893 
Amdt. dated May 4, 2009 

Amendment under 37 CFR 1.116 Expedited Procedure 
Examining Group 2437 

35 U.S.C. $ 102 Rejection, Hardy 



PATENT 



The Office Action rejected claims 1, 7-14, 16, 20-25, 27, 31-36, 38, 39, 41-44, 
46-49, and 51-53 under 35 U.S.C. § 102(e) as being anticipated by U. S. Patent No. 6,073,242 to 
Hardy et al. (hereinafter "Hardy"). The Applicants respectfully submit the following arguments 
pointing out significant differences between claims 1, 7-14, 16, 20-25, 27, 31-36, 38, 39, 41-44, 
46-49, and 51-53 submitted by the Applicant and Hardy. 

"A claim is anticipated only if each and every element as set forth in the claim is 
found, either expressly or inherently described, in a single prior art reference." MPEP 2131 
citing Verdegaal Bros. v. Union Oil Co. of California, 814 F.2d 628, 631, 2 USPQ2d 1051, 
1053 (Fed. Cir. 1987). Applicant respectfully argues that Hardy fails to disclose each and every 
claimed element. For example, Hardy fails to disclose, either expressly or inherently, a 
workflow for performing a certificate related action that calls for approval from an entity 
associated with the user. Hardy also fails to disclose such an entity identified in a user profile for 
the user. Hardy does not disclose one of the workflows requiring approval for a certificate action 
while another does not. That is, Hardy does not disclose, expressly or inherently, selecting 
workflows that handle certificate related requests differently, i.e., requiring or not requiring 
approval from an entity associated with a requesting user, based on the type of user requesting 
the action. 

Hardy is directed to "an authority server that supports the implementation of role- 
based enterprise policies for expressing and exercising authority and the projection and transfer 
of those authorities over networks of communicating electronic systems." (Col. 3, line 23-27) 
Under Hardy, "the authority server exclusively embodies the authorities of the enterprise and 
allows its users to indirectly wield those authorities only as permitted by enterprise policies." 
(Col. 3, lines 28-31) That is, Hardy describes issuing representations of authority based on 
application of enterprise policies. See generally col. 3, line 23 - col. 4, line 51. 
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However, Hardy fails to disclose, either expressly or inherently, a workflow for 
performing a certificate related action that calls for approval from an entity associated with the 
user. Hardy also fails to disclose such an entity identified in a user profile for the user. Hardy 
does not disclose one of the workflows requiring approval for a certificate action while another 
does not. That is, Hardy does not disclose, expressly or inherently, selecting workflows that 
handle certificate related requests differently, i.e., requiring or not requiring approval from an 
entity associated with a requesting user, based on the type of user requesting the action. Rather, 
Hardy describes issuing representations of authority based on a set of enterprise policies but 
without mentioning obtaining approval from an entity associated with the requestor, identified in 
an identity profile for the requestor or otherwise. 

In response to these arguments, the final Office Action contends that the 
"arguments fail to comply with 37 CRR 1 . 1 1 1(b) because they amount to a general allegation 
that the claims define a patentable invention without specifically pointing out how the language 
of the claims patentably distinguishes them from the references." The final Office Action further 
contends that "Applicant's arguments begins with a list of limitations which the Applicant 
alleges that Hardy fails to disclose," that "this listing fails to include the exact language of the 
claims," but notes that the arguments provide "a verbatim recitation of the list of limitations 
appearing earlier on the page." While the Applicants respectfully submit that the provided claim 
recitations to which the Office Action seems to object do in fact specifically point out the 
language of the claims that patentably distinguishes them from the reference, the following 
additional comments are provided to further illustrate the differences between Hardy and the 
recitations of the pending claims. 

As noted above and to paraphrase the claim recitations, Hardy does not disclose, 
expressly or inherently, workflows for performing certificate related actions that either call for 
approval from an entity associated with the user and identified in a user profile for the user or do 
not call for approval depending upon the type of user as indicated by a user profile for the user. 
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That is, Hardy does not disclose, expressly or inherently, selecting workflows that handle 
certificate related requests differently, i.e., requiring or not requiring approval from an entity 
associated with a requesting user, based on the type of user requesting the action. In an effort to 
demonstrate selecting such different workflows, the final Office Action cites col. 13, line 44 thru 
col. 14, line 25 of Hardy. This portion of Hardy recites in total: 

"The roles database 186 defines, among other things, mappings from: 
users to roles; 
users to authorities; 
roles to other roles; and 
roles to authorities. 

The roles database 186 also defines the term or date of expiration of the defined 
mappings. In the present invention specific users can have one or more defined 
roles within the enterprise, each of which is associated with other roles and/or 
particular authorities, explicitly or implicitly. FIG. 4 shows an instance of the 
roles database 186 for a hypothetical enterprise. Mappings from user names to 
roles/authorities are shown in the upper portion 186a and mappings from roles to 
roles/authorities are shown in the middle portion 186b. For clarity, mappings from 
external users and/or roles to internal roles and/or authorities are shown in the 
lower portion 186c. 

Referring to the top section 186a, the entry 186a.l shows that the user A. Hardy 
permanently fills the roles of President and Employee but is unavailable to 
perform those duties from Jan. 1, 1998 to Feb. 1, 1998. According to the entry 
186a.2, the user M. Wills permanently fills the roles of CFO and Employee, and 
briefly (from Jan. 1, 1998 to Feb. 1, 1998), the Acting President role. The entry 
186a.3 shows that the user D. Tribble permanently fills the roles of CTO (Chief 
Technical Officer) and Employee and also permanently holds Check Signing 
authority. Finally, the entry 186a.4 shows that the user N. Hardy permanently fills 
the role of Employee and no other role. 

Entry 186b.l of the middle portion 186b of the roles database shows that the 
President is authorized to fill other enterprise roles and to exercise other enterprise 
authorities, including CFO, CTO and Manager. For example, if the rules database 
188 required that the Manager of Accounting were the only person who could 
authorize a particular expenditure, the President could also authorize that 
expenditure. Moreover, because she is explicitly allowed to play the role of 
Employee, the President could issue a request to the authority application 154 to 
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send mail for her as a simple Employee of BigCorp. Note that the range of 
Presidential authority and roles could also be defined in the rules database 188. 
The entry 186b. 2 also shows that the CFO can fill the roles of Manager of 
Contracts or the VP of Accounting. This would, e.g., allow the CFO to represent 
herself as or exercise the authorities allotted to the Manger of Accounting. 
Similarly, entry 186b. 3 shows that the CTO can exercise the authorities of 
Manager in addition to those associated with the CTO role." 

That is, the mapping of users to authorities described in this portion of Hardy 
seems to describe a definition of permissions for performing particular tasks. The final Office 
Action seems to have identified the term "authority" in this portion of Hardy and seems to equate 
this to the entity associated with the user. For example, in rejecting claim 8, i.e., "retrieving an 
approval response from the entity associated with the first user," the final Office Action cites col. 
4, lines 11-18 and 23-45. This portion of Hardy states in part: 

"Over their secure, authenticated connections, clients can request that a specific 
authority be applied to their communication. Based on the authority associated or 
delegated to the user in the authority server and the policies established in the 
server's configuration, the server can then invoke appropriate authorities on behalf 
of the user, while enforcing enterprise policy (such as logging) on the invocations 
of those authorities." (Col. 4, lines 11-18) 

The Applicants respectfully submit that rather than identifying another entity and 
obtaining from that entity an approval for a requested action, the "authority" of Hardy describes 
a permission, i.e., actions which a particular user has permission or authority to perform. 
Furthermore, to any extent that the element of Hardy that provides this authority, i.e., the 
authority server, can be considered another entity, the authority server is not identified in a user 
profile for the requesting user. Therefore, the Applicants respectfully maintain that Hardy fails 
to disclose, expressly or inherently, workflows for performing certificate related actions that 
either call for approval from an entity associated with the user and identified in a user profile for 
the user or do not call for approval depending upon the type of user as indicated by a user profile 
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More specifically, claim 1, upon which claims 2-15 depend, claim 16, upon which 
claims 17-26 depend, and claim 27, upon which claims 28-37 depend, each recite in part 
"retrieving by the Identity System a first workflow for responding to said request from a plurality 
of workflows for responding to requests for certificate related actions, wherein each workflow in 
said plurality of workflows corresponds to a different set of characteristics for a user, wherein the 
first workflow contains a first set of directives and a second workflow in said plurality of 
workflows contains a second set of directives, wherein said first set of directives is different from 
said second set of directives, wherein said first workflow calls for obtaining an approval from an 
entity associated with the first user and identified in a user profile for the first user maintained by 
the Identity System before performing a certificate related action, wherein said second workflow 
does not call for obtaining an approval before performing a certificate related action, wherein 
said first workflow for responding to said request corresponds to said first certificate related 
action and a set of characteristics for said first user from the identity profile for the first, the set 
of characteristics for the first user including a user type for the first user, and wherein retrieving 
the first workflow further comprises selecting the first workflow from the plurality of workflows 
based on the first certificate related action and the user type of the first user." Hardy fails to 
disclose, either expressly or inherently, each of these claimed elements. For example, Hardy 
fails to disclose a workflow for performing a certificate related action that calls for approval 
from an entity associated with the user. Hardy also fails to disclose such an entity identified in a 
user profile for the user. Hardy does not disclose one of the workflows requiring approval for a 
certificate action while another does not. That is, Hardy does not disclose, expressly or 
inherently, selecting workflows that handle certificate related requests differently, i.e., requiring 
or not requiring approval from an entity associated with a requesting user, based on the type of 
user requesting the action. For at least these reasons, the Applicants respectfully request 
withdrawal of the rejection and allowance of claims 1, 3-14, 16, 18-25, 27, and 29-36. 

Claim 38, upon which claims 39-42 depend, claim 43, upon which claims 44-47 
depend, and claim 48, upon which claims 49-52 depend, each recite in part "receiving a first 
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request for a first certificate related action for a first user; retrieving a first workflow for 
responding to said first request from a plurality of workflows, wherein said first workflow 
corresponds to said first certificate related action and a set of characteristics for said first user, 
wherein each workflow in said plurality of workflows corresponds to a different set of 
characteristics for a user, wherein said first workflow calls for obtaining an approval from an 
entity associated with the first user before performing a certificate related action, wherein a 
second workflow of the plurality of workflows does not call for obtaining an approval before 
performing a certificate related action, and wherein retrieving the first workflow for responding 
to said first request further comprises selecting the first workflow from the plurality of 
workflows based on the first certificate related action and a user type of the first user; performing 
said first workflow, wherein performing said first workflow comprises retrieving an approval 
response from the entity associated with the first user and obtaining a certificate; receiving a 
second request for a second certificate related action for a second user; retrieving a second 
workflow for responding to said second request from said plurality of workflows, wherein said 
second workflow corresponds to said second certificate related action and a user type of said 
second user; and performing said second workflow, wherein performing said second workflow 
comprises obtaining a second certificate without retrieving an approval response." Hardy fails to 
disclose, either expressly or inherently, each of these claimed elements. For example, Hardy 
fails to disclose a workflow for performing a certificate related action that calls for approval 
from an entity associated with the user. Hardy also fails to disclose one of the workflows 
requiring approval for a certificate action while another does not. That is, Hardy does not 
disclose, expressly or inherently, selecting workflows that handle certificate related requests 
differently, i.e., requiring or not requiring approval from an entity associated with a requesting 
user, based on the type of user requesting the action. For at least these reasons, the Applicants 
respectfully request withdrawal of the rejection and allowance of claims 38-52. 
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CONCLUSION 

In view of the foregoing, Applicants believe all claims now pending in this 
Application are in condition for allowance and an action to that end is respectfully requested. 

If the Examiner believes a telephone conference would expedite prosecution of 
this application, please telephone the undersigned at 303-571-4000. 

Dated: May 4, 2009 Respectfully submitted, 



/William J. Daley/ 
William J. Daley 
Reg. No. 52,471 

TOWNSEND and TOWNSEND and CREW LLP 

Two Embarcadero Center, Eighth Floor 

San Francisco, California 941 1 1-3834 

Tel: 303-571-4000 (Denver office) 

Fax: 303-571-4321 (Denver office) 

WJD:jep 
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